<?php
/*****************************
	File: login.php
	Written by: Frost of Slunked.com
	Tutorial: User Registration and Login System
 ******************************/
include("header.php");

// If the user is logging in or out
// then lets execute the proper functions
if (isset ( $_GET ['action'] )) {
	switch (strtolower ( $_GET ['action'] )) {
		case 'login' :
			if (isset ( $_POST ['username'] ) && isset ( $_POST ['password'] )) {
				// We have both variables. Pass them to our validation function
				if (! validateUser ( $_POST ['username'], $_POST ['password'] )) {
					// Well there was an error. Set the message and unset
					// the action so the normal form appears.
					$_SESSION ['error'] = "Bad username or password supplied.";
					unset ( $_GET ['action'] );
				}
			} else {
				$_SESSION ['error'] = "Username and Password are required to login.";
				unset ( $_GET ['action'] );
			}
			break;
		case 'logout' :
			// If they are logged in log them out.
			// If they are not logged in, well nothing needs to be done.
			if (loggedIn ()) {
				logoutUser ();
				$sOutput .= '<h2 align = "center">Logged out!</h2><p align = "center" >You have been logged out successfully. 
						</p><h4 align = "center">Would you like to go to <a href="index.php">site index</a>?</h4>';
			} else {
				// unset the action to display the login form.
				unset ( $_GET ['action'] );
			}
			break;
	}
}

$sOutput .= '<div id="index-body">';

// See if the user is logged in. If they are greet them 
// and provide them with a means to logout.
if (loggedIn ()) {
	$sOutput .= '<h2 align = "center">Logged In!</h2>
		<p align = "center"> Hello, ' . $_SESSION ["username"] . ' how are you today? </p>
		<h4 align = "center">Would you like to <a href="login.php?action=logout">logout</a>?</h4>
		<h4 align = "center">Would you like to go to <a href="index.php">site index</a>?</h4>';
} elseif (! isset ( $_GET ['action'] )) {
	// incase there was an error 
	// see if we have a previous username
	$sUsername = "";
	if (isset ( $_POST ['username'] )) {
		$sUsername = $_POST ['username'];
	}
	
	$sError = "";
	if (isset ( $_SESSION ['error'] )) {
		$sError = '<span id="error">' . $_SESSION ['error'] . '</span><br />';
	}
	
	$sOutput .= '<table width="250" border="0" align="center" cellpadding="0"
	cellspacing="1" bgcolor="#CCCCCC">
	<tr>
		<form name="login" method="post" action="login.php?action=login">
		<td>
		<table width="100%" border="0" cellpadding="3" cellspacing="1"
			bgcolor="#FFFFFF">
			<tr>
				<td colspan="3" align = "center"><strong>Login </strong></td>
			</tr>

			<tr>
				<td width="78">Username</td>
				<td width="6">:</td>
				<td width="294"><input name="username" type="text" id="username"></td>
			</tr>
			<tr>
				<td>Password</td>
				<td>:</td>
				<td><input name="password" type="password" id="password"></td>
			</tr>
			<tr>
				<td colSpan = "3" align = "center"><input type="submit" name="Submit" value="Login"></td>
			</tr>
			<tr>
				<td colSpan = "3" align ="center">Create a new <a href="org_registration.php">account</a>?</td>
			</tr>
		</table>
		</td>
		</form></tr>
</table>
				<p align = "center">' . $sError . '</p>
		</div>
		';
}

$sOutput .= '</div>';

// lets display our output string.
echo $sOutput;
require_once ("footer.php");
?>
